In this article, we will show how you can temporarily block server access with the use of CSF. CSF (ConfigServer Security & Firewall) is a powerful firewall for Linux systems.
First of all, you must make sure to whitelist your own IP. Use:
csf -a yourIP
root@www [/]# csf -a 192.168.11.11
Adding 192.168.11.11 to csf.allow and iptables ACCEPT...
root@www [/]#
To deny all inbound connections to all server services use:
csf -td 0.0.0.0/0 30 -d in "block all inbound connections for 30 seconds"
To deny all inbound connections to port 80 (Apache server), use:
csf -td 0.0.0.0/0 30 -p 80 -d in "block all inbound connections to port 80 for 30 seconds"
root@www [/]# csf -td 0.0.0.0/0 30 -p 80 -d in "block all inbound connections to port 80 for 30 seconds"
csf: 0.0.0.0/0 blocked on port 80 for 30 seconds inbound
To check the status of the previous temporary blocked IP(s), use:
csf -t
root@www [/]# csf -t
DENY 0.0.0.0/0 80 in 24s block all inbound connections for 30 seconds
If you want to remove the IP(s) ahead of time:
csf -tr 0.0.0.0/0
Resources:
https://configserver.com/cp/csf.html